Re: How to decrypt files without the EFS Certificate

I believe that the point there was that the field itself contained only a
hash, not actually a key. If I'm understanding it correctly, it is a hash
that identifies a certificate that contains a key needed to decrypt the key
needed to decrypt the data.

Not exactly. Certificate do not contain the private key by itself
(which is actually used to decrypt the FEK), but it has a reference to
it.
.

Relevant Pages

Re: How to decrypt files without the EFS Certificate... it is a hash... needed to decrypt the data. ...Certificate do not contain the private key by itself ... (which is actually used to decrypt the FEK), but it has a reference to ...(microsoft.public.windowsxp.security_admin)

RE: Problem while decrypting...Decrypt will decrypt ANY GARBAGE ... in CBC mode a block error affects only two ... simple hash: attach the hash value of the original data at the end, ... > i was encrypting the data using the pass phrase. ...(microsoft.public.platformsdk.security)

Re: Simple Question: Always the same cyphertext?... > encrypt a file twice with the same key and obtain the same ciphertext does ... > if you are going to decrypt the file later. ... >> whereby I would like to verify the integrity of a file using a hash.... I will encrypt the file ...(sci.crypt)

Re:Basic Question... You assume that there could exist a second key that ... would decrypt a message encrypted with another key into meaningful content? ... In that respect hash functions wouldn't help, ... you would have to find a meaningful message that gave you the collision....(talk.politics.crypto)

Re: [Full-disclosure] Month of Random Hashes: DAY THREE... The original intent was that someone discovering a vuln would post the ... hash of the POC to the list so that later when it was widely released ...Hashing is not encryption, so flush the notion of "decrypt a hash" from ...(Full-Disclosure)